spf helo pass

Benny Pedersen me at junc.eu
Fri Dec 31 11:56:27 UTC 2021

On 2021-12-31 08:38, Felix Zielcke wrote:

> Spam senders can setup valid SPF + DKIM too.

most fail to understand spf helo pass :)

> The only difference is a malicous relay could make ARC headers for e.g.
> microsoft.com even though DKIM didn't pass. So yeah you need more trust
> with ARC.

you still would just verify original sender via dmarc validating through 
dkim,spf,arc chains

if maillist all did the arc seal/ arc sign, before thay break dkim, then 
its still possible to verify orginal sender trust, bingo

its just sad nearly all make it worse by dkim sign all forwarded mails, 
thay miss the dkim private key mostly to do this, no ? :=)

> But I think you can trust the dovecot mailing list server.

exactly why i started debate on spf helo pass

hope all fellows get it why

More information about the dovecot mailing list